Records exposed of 650K patients at Bon Secours

What type of information? Personal information of patients – including names, insurance identification numbers, banking information, Social Security numbers and some clinical data.

What happened? The data was exposed on the internet for four days after R-C Healthcare Management, a firm that helps hospitals with Medicaid reimbursements, adjusted network settings which resulted in the exposure online of personally identifiable information on Bon Secours patients in three states.

What was the response? The exposure was detected by Bon Secours on June 14. They notified R-C Healthcare, which claimed to take steps "to secure the information so that it could no longer be accessed via the internet,” according to a prepared statement. The health system also launched an internal investigation and started notifying affected patients by mail on August 12. The health system also extended to affected individuals a year's membership to identity protection services.

Quote: "The investigator confirmed the incident has been fully remediated. All R-C customers who might be affected have been notified of the situation and its resolution." – K. Michael Webdale, CEO, R-C Healthcare Management

Get SC Media delivered to your inbox

Whitepaper of the Day

Newswire

Buzz

I would like to receive relevant information via email from Haymarket Media.

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.